Nagios Support Forum

Is there any object(host/service) which a user can see in which they are not a contact for it? If so, which one?

XI > Admin > System Profile > Download Profile

Please include the zip file in your response. You can PM myself or other support personnel if you have privacy concerns.

Thanks for the user.txt file. The userlevel settings for that user do look correct but maybe something else was corrupted when the Backend was down.
Try and delete that user, recreate it and see if the recreated account has the same issue.

Hi tgriep,
This issue persist after recreate of user.

Has this user actually logged in to the XI interface yet, or have you just masqueraded as them?
The user must login to XI and accept the terms before the permissions are actually set.

Can you run the following commands and post the /tmp/sql.txt file?

Your profile didn't come through, can you try again?

tgriep wrote:Has this user actually logged in to the XI interface yet, or have you just masqueraded as them?
The user must login to XI and accept the terms before the permissions are actually set.

Can you run the following commands and post the /tmp/sql.txt file?

Code: Select all

echo 'desc nagios_contacts;' |mysql -t -u root -pnagiosxi nagios >/tmp/sql.txt
echo 'desc nagios_hosts;' |mysql -t -u root -pnagiosxi nagios >>/tmp/sql.txt
echo 'desc nagios_services;' |mysql -t -u root -pnagiosxi nagios >>/tmp/sql.txt

Hi tgriep,
No, I did't masquerade with that user I just logged with, and I accepted the terms.

/tmp/sql.txt didn't come through and apparently neither did the profile. Can you either post those or PM them? You can download it by going to Admin > System Config > System Profile and click the Download Profile button towards the top. If for whatever reason you *cannot* download the profile, please put the output of View System Info (5.3.4+, Show Profile if older) in the thread (that will at least get us some info). This will give us access to many of the logs we would otherwise ask for individually. If security is a concern, you can unzip the profile take out what you like, and then zip it up again. We may end up needing something you remove, but we can ask for that specifically.

After you PM the profile, please update this thread. Updating this thread is the only way for it to show back up on our dashboard.

UPDATE: profile received and shared with techs

Thanks for the new profile.
That user is part of the admins and the xi_contactgroup_all contact group and those groups are applied to many hosts and services.
If you edit those contact groups, remove that contact, then the rights should work now.

Hi tgriep,
"admins" group have access to all, and "xi_contactgroup_all" was a group-member of that group. Members of "xi_contactgroup_all" group was only "nagiosadmin" user. So how can CXXXC user can be user of that group?

But, that helps me. When I removed "xi_contactgroup_all" group from "admins" group, user doesn't see anything.
So, thank you very much tgriep.

In your running configuration, I saw that the user was in the admins contact group but if you could not find that user in the CCM, then the settings from the CCM were not synced to the running configuration.
When you edited the other group, and Applied the Config, it probably synced the changes and fixed the issue.
If you don't have any other questions, shall I close and lock up the post as solved?